Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/9LE7kwrgnkCNbCeJTI6SKLCcTBU.roa
File: 9LE7kwrgnkCNbCeJTI6SKLCcTBU.roa (raw, json)
Hash identifier: CBehvN5OL644lq5O68Yk4gq9K8qnhNncHLNi5bBSFf4=
Subject key identifier: F4:B1:3B:93:0A:E0:9E:40:8D:6C:27:89:4C:8E:92:28:B0:9C:4C:15
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 08339A4B
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/9LE7kwrgnkCNbCeJTI6SKLCcTBU.roa
Signing time: Sat 01 Jan 2022 14:57:19 +0000
ROA not before: Sat 01 Jan 2022 14:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58317
IP address blocks: 45.85.75.0/24 maxlen: 24
45.85.74.0/24 maxlen: 24
45.85.73.0/24 maxlen: 24
45.85.72.0/24 maxlen: 24
45.85.72.0/22 maxlen: 24
2a0e:bb80::/29 maxlen: 32
2a0e:bb81::/32 maxlen: 32
2a0e:bb82::/32 maxlen: 32
2a0e:bb80::/32 maxlen: 32
2a0e:bb83::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137599563 (0x8339a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Jan 1 14:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4b13b930ae09e408d6c27894c8e9228b09c4c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:59:db:f1:43:24:41:0d:ed:1e:8c:34:b9:66:
d4:38:8e:ce:f2:83:09:51:7c:71:c1:5c:a6:4b:1c:
79:92:7e:e7:a8:d6:4b:04:ca:b4:15:6d:e1:41:6d:
cd:5b:2f:f7:38:4d:43:37:22:0b:58:e1:14:b6:ac:
e6:57:22:e1:15:65:72:6f:aa:95:85:6d:e3:4e:be:
78:23:cf:6b:64:42:2a:6f:b8:d7:ae:18:7e:f2:2f:
e9:75:65:b0:f5:50:0b:9d:8e:59:68:19:0b:3e:13:
1f:21:8d:7d:37:5a:37:19:65:a8:73:d6:6c:de:31:
51:21:e4:4c:f8:e8:b4:9b:80:e9:48:b5:0f:80:b9:
76:98:fe:da:6c:67:cc:f3:39:e0:4c:f8:4c:03:52:
b3:ce:dd:17:b5:1c:d4:3d:9a:12:4b:bd:0b:f2:46:
69:d7:95:8e:a2:dc:f3:04:b1:c3:2a:50:54:57:45:
1f:9d:3b:e8:a3:18:c5:43:71:84:03:9d:e4:bb:f5:
bc:f7:76:3a:78:00:82:55:a8:d9:64:23:23:fe:8f:
0e:f8:29:cd:43:9b:10:58:33:f9:df:e4:a4:17:e2:
ad:33:c5:f4:97:d2:35:f5:0b:df:14:64:f2:b3:c1:
02:6d:79:84:08:e2:e6:02:07:dc:fe:7d:a7:42:c4:
db:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B1:3B:93:0A:E0:9E:40:8D:6C:27:89:4C:8E:92:28:B0:9C:4C:15
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/9LE7kwrgnkCNbCeJTI6SKLCcTBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.72.0/22
IPv6:
2a0e:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:bf:c9:e6:a1:9d:84:86:70:05:75:4c:1f:35:c5:7b:36:48:
9e:d6:b6:a0:9d:79:dd:e2:48:36:6d:bb:47:9f:3d:1c:c1:4e:
c1:0b:99:58:ca:0c:7a:80:bf:a2:f8:8d:50:9f:17:d0:cc:f4:
cb:1e:f3:86:d1:5e:be:95:1d:55:d2:26:48:97:84:23:ef:20:
54:ff:67:c5:a4:59:07:5a:fd:e5:b2:bd:3d:3b:0d:b9:99:62:
da:74:ef:b7:f9:16:a7:bf:ef:07:c6:7a:2c:a7:d0:79:77:7c:
ec:3c:f9:1e:ff:92:24:a9:cc:f0:08:95:6d:0d:90:68:b0:46:
a5:4c:59:67:22:77:13:08:da:c1:af:6a:4f:53:17:4d:70:17:
c1:5b:24:4d:a7:12:5f:6a:db:d9:b9:8b:6b:7c:12:f8:43:a7:
ed:a5:25:9c:ed:99:7e:cd:eb:d2:e0:ad:e7:91:9f:25:a9:83:
8b:7f:40:b4:0b:fd:4e:e6:08:9e:46:90:f6:90:70:61:88:19:
ac:24:f8:cf:db:a9:82:d8:62:6c:55:a1:c7:de:6e:1d:0e:2e:
f2:40:3a:9f:a5:9d:90:e7:cf:20:a2:6b:ec:be:c5:16:63:f0:
0f:b0:c9:27:c5:ce:3f:44:33:3b:5e:5a:16:4a:70:7f:bc:21:
a3:63:5f:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECDOaSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Mjc2OWQ2ZTRhMGZjMmM5ODAxM2I3MjJlYjJiZWI5ZTZlODcxZmM2MB4XDTIyMDEw
MTE0NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRiMTNiOTMwYWUw
OWU0MDhkNmMyNzg5NGM4ZTkyMjhiMDljNGMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9Z2/FDJEEN7R6MNLlm1DiOzvKDCVF8ccFcpksceZJ+56jW
SwTKtBVt4UFtzVsv9zhNQzciC1jhFLas5lci4RVlcm+qlYVt406+eCPPa2RCKm+4
164YfvIv6XVlsPVQC52OWWgZCz4THyGNfTdaNxllqHPWbN4xUSHkTPjotJuA6Ui1
D4C5dpj+2mxnzPM54Ez4TANSs87dF7Uc1D2aEku9C/JGadeVjqLc8wSxwypQVFdF
H5076KMYxUNxhAOd5Lv1vPd2OngAglWo2WQjI/6PDvgpzUObEFgz+d/kpBfirTPF
9JfSNfUL3xRk8rPBAm15hAji5gIH3P59p0LE2+sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT0sTuTCuCeQI1sJ4lMjpIosJxMFTAfBgNVHSMEGDAWgBRydp1uSg/CyYAT
tyLrK+uebocfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NuYWRia29Qd3NtQUU3Y2k2eXZybm02SEg4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYzY3NTIyLTcxYzUtNDA2MS1hMThiLTY5MzNhOTBjNTNmYS8x
LzlMRTdrd3JnbmtDTmJDZUpUSTZTS0xDY1RCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YzY3NTIyLTcxYzUtNDA2MS1hMThiLTY5MzNhOTBjNTNmYS8xL2NuYWRia29Qd3Nt
QUU3Y2k2eXZybm02SEg4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1VSDANBAIAAjAHAwUDKg67gDAN
BgkqhkiG9w0BAQsFAAOCAQEALb/J5qGdhIZwBXVMHzXFezZInta2oJ153eJINm27
R589HMFOwQuZWMoMeoC/oviNUJ8X0Mz0yx7zhtFevpUdVdImSJeEI+8gVP9nxaRZ
B1r95bK9PTsNuZli2nTvt/kWp7/vB8Z6LKfQeXd87Dz5Hv+SJKnM8AiVbQ2QaLBG
pUxZZyJ3Ewjawa9qT1MXTXAXwVskTacSX2rb2bmLa3wS+EOn7aUlnO2Zfs3r0uCt
55GfJamDi39AtAv9TuYInkaQ9pBwYYgZrCT4z9upgthibFWhx95uHQ4u8kA6n6Wd
kOfPIKJr7L7FFmPwD7DJJ8XOP0QzO15aFkpwf7who2NfZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org